﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Data.SqlClient;
using System.Windows.Forms;
using System.Data;

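/// <summary>
/// Code-behind for the login page: checks the submitted user name and password
/// against the Users table, publishes the user's details to application state,
/// marks the user as online and redirects to the index page.
/// </summary>
/// <remarks>
/// NOTE(review): the value returned by "select Password" is compared directly with
/// the submitted text, so the Password column appears to hold plaintext. Storing a
/// salted, slow hash (for example PBKDF2 via Rfc2898DeriveBytes) and comparing
/// hashes would limit the damage of a database disclosure.
/// </remarks>
public partial class login : System.Web.UI.Page
{
    private string user_name;
    private string password;

    /// <summary>Page load handler; intentionally empty.</summary>
    protected void Page_Load(object sender, EventArgs e)
    {
    }

    /// <summary>
    /// Login button handler. Redirects to index.aspx on success and back to
    /// login.aspx on failure; an empty user name only updates <c>Label1</c>.
    /// </summary>
    /// <param name="sender">The control that raised the event.</param>
    /// <param name="e">Event data (unused).</param>
    protected void Button1_Click(object sender, EventArgs e)
    {
        if (TextBox1.Text == "")
        {
            Label1.Text = "Please register a new account~!";
            return;
        }

        user_name = TextBox1.Text;
        password = TextBox2.Text;

        bool authenticated;
        bool profileFound = false;
        string storedPassword = "";
        string gender = null;
        string major = null;
        string email = null;

        // using blocks release the connection, commands and readers even when a
        // query throws, instead of relying on the explicit Close() calls being reached.
        using (SqlConnection sc = new SqlConnection(Application["sqlconnection"].ToString()))
        {
            sc.Open();

            using (SqlCommand scc = sc.CreateCommand())
            {
                scc.CommandText = "select Password from Users where Name = @name";
                scc.Parameters.AddWithValue("@name", user_name);

                int matchingRows = 0;
                using (SqlDataReader pass = scc.ExecuteReader())
                {
                    while (pass.Read())
                    {
                        matchingRows++;
                        storedPassword = pass.IsDBNull(0) ? "" : pass[0].ToString();
                    }
                }

                // Fail closed: an unknown user, a NULL/empty stored password or an
                // ambiguous (duplicated) user name must never authenticate. Without
                // this check an empty password field matches the empty default and
                // logs in as a user that does not exist.
                authenticated = matchingRows == 1
                    && storedPassword.Length > 0
                    && string.Equals(password, storedPassword, StringComparison.Ordinal);
            }

            if (authenticated)
            {
                // Fetch the user's profile information (further validation: TODO).
                using (SqlCommand scom = sc.CreateCommand())
                {
                    scom.CommandText = "select Gender,Major,Email from Users where Name = @name";
                    scom.Parameters.AddWithValue("@name", user_name);

                    using (SqlDataReader sdr = scom.ExecuteReader())
                    {
                        while (sdr.Read())
                        {
                            profileFound = true;
                            gender = sdr[0].ToString();
                            major = sdr[1].ToString();
                            email = sdr[2].ToString();
                        }
                    }
                }

                // Mark the user as online.
                using (SqlCommand update = sc.CreateCommand())
                {
                    update.CommandText = "update Users set Status=@zx where Name=@name_up";
                    update.Parameters.AddWithValue("@zx", "true");
                    update.Parameters.AddWithValue("@name_up", user_name);
                    update.ExecuteNonQuery();
                }
            }
        }

        if (!authenticated)
        {
            Response.Redirect("login.aspx", true);
            return;
        }

        // NOTE(review): HttpApplicationState is shared by every visitor of the site,
        // so each login overwrites the identity seen by all other users, and the
        // password is kept in process-wide memory. These keys are written unchanged
        // because other pages may read them; per-user data belongs in Session (or
        // forms authentication), and the password should not be stored at all.
        Application.Lock();
        try
        {
            Application["user_name"] = user_name;
            Application["password"] = storedPassword;
            if (profileFound)
            {
                Application["Gender"] = gender;
                Application["Major"] = major;
                Application["Email"] = email;
            }
        }
        finally
        {
            Application.UnLock();
        }

        Response.Redirect("index.aspx", true);
    }

    /// <summary>Register button handler: sends the visitor to the registration page.</summary>
    /// <param name="sender">The control that raised the event.</param>
    /// <param name="e">Event data (unused).</param>
    protected void Button2_Click(object sender, EventArgs e)
    {
        Response.Redirect("register.aspx", true);
    }
}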